Does aggregate mean using (sum, average, count etc) or does it mean something else? Please give an example on how to aggregate two types of data.
I'm using Splunk Search and Reporting (search query only)
The data i have are xml files and lookup tables. I just want an explannation of what aggregate two data types mean. Thanks!
"aggregate" depends on what you are trying to find out:
can be used with
| stats or
| chart for example:
| eval for example:
Thank you! If i have two different sources is it possible to aggregate those two togther and let's say find the average for both of them ? Or i have to find the average of each of them seperatly.